#office-hours (2023-12)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2023-12-03
2023-12-04
[..] folks at VMware/now Broadcom that work on OSS projects are at a standstill until we get legal approval to continue working in OSS. Basically, we have to get re-approval following Broadcom’s policies. So, please standby until we get this resolved!
— https://kubernetes.slack.com/archives/CH8KCCKA5/p1701363011307269?thread_ts=1701360923.622609&cid=CH8KCCKA5
Vmware is involved in tons of other OSS projects (spring (java framework), harbor (registry), … )
2023-12-05
I’m sure this has probably been talked about before but has anyone utilized Rover before? I’m sure it doesn’t scale well, but looks like a cool tool for visualizations (https://github.com/im2nguyen/rover)
Interactive Terraform visualization. State and configuration explorer.
I’d like to ask the same question. It certainly looks neat.
Interactive Terraform visualization. State and configuration explorer.
@Andriy Knysh (Cloud Posse) @Jeremy G (Cloud Posse) @Erik Osterman (Cloud Posse)
Michael, Just tagged you on the private threads we had about rover
We looked into it 2 years ago and at the time did not see an advantage over Spacelift’s UI, and we were focused on using Spacelift at the time. Thank you for reminding us as we move more toward using GitHub actions.
Yea, I would be more interested in something like this which could generate usable mermaid markdown so we don’t have to host a service
With mermaid, it could just be hosted on GitHub
Rover doesn’t generate Mermaid output. It generates an interactive web page (HTML and JavaScript) or an SVG image.
2023-12-06
@here office hours is starting in 30 minutes! Remember to post your questions here.
Links from today’s office hours:
https://www.hashicorp.com/blog/terraform-stacks-explained https://www.wsj.com/tech/personal-tech/google-gmail-deleting-inactive-accounts-a9c70a7b https://www.theregister.com/2023/12/01/aws_az_fault_injection_service/ https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-cloudwatch-applications-signals-observe-preview/ https://github.com/orgs/community/discussions/18055#discussioncomment-7267134 https://github.com/github/roadmap/issues/637 https://github.com/github/roadmap/issues/592 https://aws.amazon.com/about-aws/whats-new/2023/12/aws-lambda-functions-scale-up/ https://support.google.com/a/answer/2855120?hl=en https://aws.amazon.com/blogs/aws/new-myapplications-in-the-aws-management-console-simplifies-managing-your-application-resources/ https://aws.amazon.com/vpc/lattice/ https://aws.amazon.com/solutions/guidance/cell-based-architecture-for-amazon-eks/ https://aws.amazon.com/blogs/opensource/kubernetes-multi-cluster-service-discovery-using-open-source-aws-cloud-map-mcs-controller/ https://www.reddit.com/r/programming/comments/a9hs3u/the_ant_design_christmas_egg_that_went_wrong/
Update on the ShapeShift Hacking Incident April 18th, 2016 While work continues on the hardening of ShapeShift infrastructure, we have concluded…
This was the hack I was thinking of. What’s crazy, is I used GPT to help me remember, but went through about 10 other hacks before arriving at this one.
Update on the ShapeShift Hacking Incident April 18th, 2016 While work continues on the hardening of ShapeShift infrastructure, we have concluded…
2023-12-12
Just saw this off linkedin: https://wiki.lfedge.org/display/OH/OpenBao+%28Hashicorp+Vault+Fork+effort%29+FAQ
Welp…this is getting saucy. It looks like #IBM has decided to create an Open Source #Vault competitor, #OpenBau, to join in with #OpenTofu in the resistance… | 18 comments on LinkedIn |
2023-12-13
@here office hours is starting in 30 minutes! Remember to post your questions here.
What’s the password?
sweetops
Where should we post questions if we cannot join the meeting but want to listen later? here?
@Erik Osterman (Cloud Posse)
You can take a stab at posting them here in this channel. We review before/during each call. I can’t promise we’ll answer all questions, but if there’s sufficient context provided we usually do try to answer them live.
Links from today’s office hours:
https://www.fosstechnix.com/terraform-cloud-interview-questions-and-answer/ https://aws.amazon.com/about-aws/whats-new/2023/11/route-53-application-recovery-zonal-autoshift/ https://github.com/boring-registry/boring-registry https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.19.0#HashiCorp_packages https://opentofu.org/registry/ https://github.com/opentofu/registry/tree/main/modules/c/cloudposse https://github.com/endoflife-date/supported-versions https://github.com/openbao/openbao/tree/development https://www.theregister.com/2023/12/08/hashicorp_openbao_fork/ https://news.ycombinator.com/item?id=38578247 https://github.com/hashicorp/terraform/releases/tag/v1.7.0-beta2 https://aws.amazon.com/about-aws/whats-new/2023/06/aws-iam-identity-center-automated-user-provisioning-google-workspace/ https://github.com/ministryofjustice/modernisation-platform/tree/main
2023-12-19
• https://aws.amazon.com/blogs/containers/a-deep-dive-into-simplified-amazon-eks-access-management-controls/ Seems like Access Management via the API is finally here
Introduction Since the initial Amazon Elastic Kubernetes Service (Amazon EKS) launch, it has supported AWS Identity and Access Management (AWS IAM) principals as entities that can authenticate against a cluster. This was done to remove the burden—from administrators—of having to maintain a separate identity provider. Using AWS IAM also allows AWS customers to use their […]
2023-12-20
@here office hours is starting in 30 minutes! Remember to post your questions here.
I’m not going to make it today, sorry.
FYI if you are using ingress-nginx 4.8.4 https://github.com/kubernetes/ingress-nginx/issues/10784
I had release 4.8.4 of helm chart deployed everywhere and in my local cache and now it is gone from repo, from github releases?
New ssh vulnerability: https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels.
Forgot to ask about this one: Is anyone using AWS myApplications? Is there Terraform/OpenTofu support for it yet? https://aws.amazon.com/about-aws/whats-new/2023/11/myapplications-view-manage-applications-aws/
@Max Lobur (Cloud Posse)
nope we don’t use it yet.
can’t find a terraform resource for it as of now
Links from today’s office hours:
https://www.hashicorp.com/blog/mitchell-reflects-as-he-departs-hashicorp https://twitter.com/mitchellh/status/1737226562519593207 https://github.blog/changelog/2023-12-06-new-organization-repositories-list-feature-preview/ https://www.theregister.com/2023/12/14/linkedin_abandons_migration_to_microsoft/ https://news.ycombinator.com/item?id=38702783 https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html https://github.com/aws/containers-roadmap/issues/185#issuecomment-1863025784 https://aws.amazon.com/blogs/containers/a-deep-dive-into-simplified-amazon-eks-access-management-controls/ https://github.com/pulumi/pulumi-aws/issues/3160 https://www.infoq.com/news/2023/12/iam-unused-access-analyzer/ https://github.com/charmbracelet/vhs-action https://github.com/opentofu/opentofu/releases/tag/v1.6.0-rc1 https://ziglang.org/ https://bun.sh/ https://www.leapp.cloud/index.html https://github.com/Noovolari/leapp/issues/508 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://ermetic.com/platform/just-in-time/ https://sweetops.slack.com/archives/CHDR1EWNA/p1682556493263569 https://aws.amazon.com/blogs/security/temporary-elevated-access-management-with-iam-identity-center/
2023-12-21
for your continuously updated whats new at aws fix; https://aws.amazon.com/about-aws/whats-new/recent/feed/
(there’s just too much IMO to be subscribed to all of it)
2023-12-22
2023-12-27
@venkata.mutyala saw this in my feed: https://github.com/LGUG2Z/satounki
Temporary elevated access management as a self-hosted service
Here was the project I was thinking of:
Wow! very cool project @loren https://github.com/common-fate/common-fate
Thank you both! They both look promising.
@here office hours is starting in 30 minutes! Remember to post your questions here.
Links from today’s office hours:
https://github.com/Platane/snk https://github.com/dlvhdr/gh-dash https://github.com/leg100/otf https://aws.amazon.com/about-aws/whats-new/2023/12/amazon-eks-upgrade-insights/ https://github.com/latacora/latacora-service-control-policies/ https://headlamp.dev/ https://github.com/jaxxstorm/action-install-gh-release https://github.com/nucleuscloud/neosync https://news.ycombinator.com/item?id=38569585 https://github.com/cloudposse/build-harness http://www.github.com/cloudposse/geodesic https://apisix.apache.org/docs/ingress-controller/concepts/apisix_tls/ https://stackoverflow.co/teams/ https://github.com/danswer-ai/danswer